A Novel Delay-Resilient Remote Memory Attestation for Smart Grid
Smart measurement devices play an important role in smart grid and might always be connected through open network interfaces. In this scenario, the adversary could launch code injection attacks to compromise these measurement devices and gain benefits by these compromised devices. To deal with this issue, a number of attestation schemes have been designed to defense the malicious attacks in the past. However, because the detection methods of these schemes are based on extra CPU clock cycles, they could be ineffective when the network delivery delay is significant. To address this problem, in this paper we propose a novel Delay-resilient Remote Memory Attestation scheme (DRMA), which can eliminate the impact of network delivery delay in the multi-hop networks and achieve great accuracy on compromised measurement devices detection. Specially, without sending beacon packets periodically, the proposed scheme can not only get the real-time end-to-end delay via evaluating the time difference reported by the relay nodes in the challenge-response attestation process, but also reduce the network load and achieve great accuracy of network delay. Via extensive theoretical analysis and experiments, our scheme shows better performance and less computing overhead in comparison with existing schemes.
KeywordsSmart measurement devices Code injection attack Delay-resilient memory attestation Smart grid
Unable to display preview. Download preview PDF.
- 2.DeBlasio, R., Tom, C.: Standards for the smart grid. In: Energy 2030 Conference, 2008, pp. 1–7. IEEE (2008)Google Scholar
- 4.Yang, X., Lin, J., Moulema, P., Yu, W., Fu, X., Zhao, W.: A novel en-route filtering scheme against false data injection attacks in cyber-physical networked systems. In: 2012 IEEE 32nd International Conference on Distributed Computing Systems (ICDCS), pp. 92–101. IEEE (2012)Google Scholar
- 6.Seshadri, A., Luk, M., Perrig, A., van Doorn, L., Khosla, P.: Scuba: Secure code update by attestation in sensor networks. In: Proceedings of the 5th ACM Workshop on Wireless Security, pp. 85–94. ACM (2006)Google Scholar
- 7.Song, K., Seo, D., Park, H., Lee, H., Perrig, A.: Omap: One-way memory attestation protocol for smart meters. In: 2011 Ninth IEEE International Symposium on Parallel and Distributed Processing with Applications Workshops (ISPAW), pp. 111–118. IEEE (2011)Google Scholar
- 8.Seshadri, A., Perrig, A., Van Doorn, L., Khosla, P.: Swatt: Software-based attestation for embedded devices. In: Proceedings. 2004 IEEE Symposium on Security and Privacy, pp. 272–282. IEEE (2004)Google Scholar
- 9.Castelluccia, C., Francillon, A., Perito, D., Soriente, C.: On the difficulty of software-based attestation of embedded devices. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 400–409. ACM (2009)Google Scholar
- 10.Hart, D.G.: Using ami to realize the smart grid. In: Power and Energy Society General Meeting-Conversion and Delivery of Electrical Energy in the 21st Century, 2008, pp. 1–2. IEEE (2008)Google Scholar
- 11.Lu, Z., Lu, X., Wang, W., Wang, C.: Review and evaluation of security threats on the communication networks in the smart grid. In: Military Communications Conference, MILCOM 2010, pp. 1830–1835 (2010)Google Scholar
- 12.Bysani, L., Turuk, A.: A survey on selective forwarding attack in wireless sensor networks. In: 2011 International Conference on Devices and Communications (ICDeCom), pp. 1–5 (2011)Google Scholar
- 15.Seshadri, A., Luk, M., Shi, E., Perrig, A., van Doorn, L., Khosla, P.: Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems. In: ACM SIGOPS Operating Systems Review, vol. 39, pp. 1–16. ACM (2005)Google Scholar
- 16.Yang, Y., Wang, X., Zhu, S., Cao, G.: Distributed software-based attestation for node compromise detection in sensor networks. In: 26th IEEE International Symposium on Reliable Distributed Systems, SRDS 2007, pp. 219–230. IEEE (2007)Google Scholar
- 17.Seshadri, A., Luk, M., Perrig, A., Doorn, L.V., Khosla, P.: Using fire & ice for detecting and recovering compromised nodes in sensor networks. Tech. rep., DTIC Document (2004)Google Scholar